cve-2010-0919
Vulnerability from cvelistv5
Published
2010-03-03 19:00
Modified
2024-08-07 01:06
Severity ?
Summary
Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ.
References
cve@mitre.orghttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857
cve@mitre.orghttp://secunia.com/advisories/38681Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/38744Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/38755Vendor Advisory
cve@mitre.orghttp://securitytracker.com/id?1023662
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21421808Vendor Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg27018109Vendor Advisory
cve@mitre.orghttp://www.osvdb.org/62612
cve@mitre.orghttp://www.securityfocus.com/bid/38457
cve@mitre.orghttp://www.securityfocus.com/bid/38459
cve@mitre.orghttp://www.vupen.com/english/advisories/2010/0495Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2010/0496Patch, Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/56555
af854a3a-2127-422b-91ae-364da2661108http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38681Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38744Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38755Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1023662
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21421808Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg27018109Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/62612
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/38457
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/38459
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0495Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0496Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/56555
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:06:52.455Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "inotes-activex-bo(56555)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"
          },
          {
            "name": "62612",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/62612"
          },
          {
            "name": "1023662",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023662"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"
          },
          {
            "name": "ADV-2010-0496",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0496"
          },
          {
            "name": "38459",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38459"
          },
          {
            "name": "38755",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38755"
          },
          {
            "name": "38744",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38744"
          },
          {
            "name": "20100301 IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
          },
          {
            "name": "38457",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38457"
          },
          {
            "name": "38681",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38681"
          },
          {
            "name": "ADV-2010-0495",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0495"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "inotes-activex-bo(56555)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"
        },
        {
          "name": "62612",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/62612"
        },
        {
          "name": "1023662",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023662"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"
        },
        {
          "name": "ADV-2010-0496",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0496"
        },
        {
          "name": "38459",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38459"
        },
        {
          "name": "38755",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38755"
        },
        {
          "name": "38744",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38744"
        },
        {
          "name": "20100301 IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
        },
        {
          "name": "38457",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38457"
        },
        {
          "name": "38681",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38681"
        },
        {
          "name": "ADV-2010-0495",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0495"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0919",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "inotes-activex-bo(56555)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"
            },
            {
              "name": "62612",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/62612"
            },
            {
              "name": "1023662",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023662"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"
            },
            {
              "name": "ADV-2010-0496",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0496"
            },
            {
              "name": "38459",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38459"
            },
            {
              "name": "38755",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38755"
            },
            {
              "name": "38744",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38744"
            },
            {
              "name": "20100301 IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
            },
            {
              "name": "38457",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38457"
            },
            {
              "name": "38681",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38681"
            },
            {
              "name": "ADV-2010-0495",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0495"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0919",
    "datePublished": "2010-03-03T19:00:00",
    "dateReserved": "2010-03-03T00:00:00",
    "dateUpdated": "2024-08-07T01:06:52.455Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:domino_web_access:6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"220211F3-8AF4-419E-BB10-0E954F002DFF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:domino_web_access:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4854AD77-45A0-45AB-B9DA-77FFB7531C5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:domino_web_access:7.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"86A823BB-48B7-4F84-A01A-754987FDBD00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:domino_web_access:7.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B653AE06-0056-45AA-B321-391EE70532B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:domino_web_access:7.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D5C812F-4B1E-42A1-A478-978DF925D22D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:domino_web_access:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"723845C5-91E1-4BED-B41F-9E0A0DB629D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:domino_web_access:8.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDDCE5E6-F37D-4D1B-B863-E8FE8ABA79E2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"229.271\", \"matchCriteriaId\": \"DA92AB06-5510-4109-AE3A-75834E5F8A00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62AF2DA6-98E4-4921-B36C-AA5771B3629E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3CC0B87F-B742-466D-BF93-56BFECAC2E54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"708BEAEF-B186-470D-8148-9C0703B42765\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83C58751-33AE-4A3F-A096-AB13FC8A64A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"01E2E70E-3C00-4AA2-AF8D-349E82806FA3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3508BE09-6B84-4819-BC0F-7E23964FE29D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A17FFE5-97F5-45D0-8C54-3C22BF1FFA72\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE8C8052-8980-4265-929B-E27B6A914B4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D6C0F89-47E6-4895-909D-6AF8DBFE2477\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"590EBAF8-04A9-4DAD-9FCF-B1B38FF03374\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"717F7305-98E1-403D-B08A-6FE1FD83D2C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C4B46DA-B4E6-4AB0-AD85-7C77EFE14063\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E1862CF3-0BF2-4F1B-80A9-0B5B02005A1C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1CC9488A-F368-498E-8CDE-2ADC6AED470B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2F8C056-91A2-410B-942A-E108B93AD1E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCD1A2BB-F7FC-4FE1-B633-F0AF79E0F5FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"805C7074-679E-4F11-A055-8C52B4E26F5F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"840A1975-0C5B-44F0-9F2E-1BBE02AA0484\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.231:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33A29245-F9DA-4F77-91EE-21C1FA3CE784\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.241:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B55ED49B-092B-411B-84AE-847770EE096B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.251:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"483C2E2D-424C-453B-9D51-F53C6B32178B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.261:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4348F385-9AE1-4F8C-9F22-BE50FCA3710B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F936FD55-AD59-47B3-8591-3F79B2ABB4E9\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de b\\u00fafer basado en pila en el control ActiveX Lotus Domino Web Access en IBM Lotus iNotes (alias Domino Web Access o DWA) 6.5, 7.0 en versiones anteriores a la 7.0.4, 8.0, 8.0.2 y en versiones anteriores a la 229.281 para Domino 8.0.2 FP4 permite a atacantes remotos ejecutar c\\u00f3digo de su elecci\\u00f3n mediante un argumento URL largo a un m\\u00e9todo no especificado, alias PRAD7JTNHJ.\"}]",
      "id": "CVE-2010-0919",
      "lastModified": "2024-11-21T01:13:12.660",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.6, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 4.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2010-03-03T19:30:00.743",
      "references": "[{\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/38681\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/38744\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/38755\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1023662\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21421808\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg27018109\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/62612\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/38457\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/38459\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0495\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0496\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/56555\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/38681\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/38744\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/38755\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1023662\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21421808\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg27018109\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/62612\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/38457\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/38459\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0495\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0496\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/56555\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-0919\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2010-03-03T19:30:00.743\",\"lastModified\":\"2024-11-21T01:13:12.660\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer basado en pila en el control ActiveX Lotus Domino Web Access en IBM Lotus iNotes (alias Domino Web Access o DWA) 6.5, 7.0 en versiones anteriores a la 7.0.4, 8.0, 8.0.2 y en versiones anteriores a la 229.281 para Domino 8.0.2 FP4 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un argumento URL largo a un m\u00e9todo no especificado, alias PRAD7JTNHJ.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:C/I:C/A:C\",\"baseScore\":7.6,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":4.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:domino_web_access:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"220211F3-8AF4-419E-BB10-0E954F002DFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:domino_web_access:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4854AD77-45A0-45AB-B9DA-77FFB7531C5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:domino_web_access:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86A823BB-48B7-4F84-A01A-754987FDBD00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:domino_web_access:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B653AE06-0056-45AA-B321-391EE70532B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:domino_web_access:7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D5C812F-4B1E-42A1-A478-978DF925D22D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:domino_web_access:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"723845C5-91E1-4BED-B41F-9E0A0DB629D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:domino_web_access:8.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDDCE5E6-F37D-4D1B-B863-E8FE8ABA79E2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"229.271\",\"matchCriteriaId\":\"DA92AB06-5510-4109-AE3A-75834E5F8A00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62AF2DA6-98E4-4921-B36C-AA5771B3629E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CC0B87F-B742-466D-BF93-56BFECAC2E54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"708BEAEF-B186-470D-8148-9C0703B42765\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83C58751-33AE-4A3F-A096-AB13FC8A64A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01E2E70E-3C00-4AA2-AF8D-349E82806FA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3508BE09-6B84-4819-BC0F-7E23964FE29D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A17FFE5-97F5-45D0-8C54-3C22BF1FFA72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE8C8052-8980-4265-929B-E27B6A914B4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D6C0F89-47E6-4895-909D-6AF8DBFE2477\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"590EBAF8-04A9-4DAD-9FCF-B1B38FF03374\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"717F7305-98E1-403D-B08A-6FE1FD83D2C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C4B46DA-B4E6-4AB0-AD85-7C77EFE14063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1862CF3-0BF2-4F1B-80A9-0B5B02005A1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CC9488A-F368-498E-8CDE-2ADC6AED470B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2F8C056-91A2-410B-942A-E108B93AD1E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCD1A2BB-F7FC-4FE1-B633-F0AF79E0F5FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"805C7074-679E-4F11-A055-8C52B4E26F5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"840A1975-0C5B-44F0-9F2E-1BBE02AA0484\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.231:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33A29245-F9DA-4F77-91EE-21C1FA3CE784\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.241:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B55ED49B-092B-411B-84AE-847770EE096B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.251:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"483C2E2D-424C-453B-9D51-F53C6B32178B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.261:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4348F385-9AE1-4F8C-9F22-BE50FCA3710B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F936FD55-AD59-47B3-8591-3F79B2ABB4E9\"}]}]}],\"references\":[{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/38681\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38744\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38755\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1023662\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21421808\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg27018109\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/62612\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/38457\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/38459\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0495\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0496\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/56555\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/38681\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38744\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38755\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1023662\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21421808\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg27018109\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/62612\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/38457\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/38459\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0495\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0496\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/56555\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.